The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Google has released emergency security patches to address CVE-2025-10585, a high-severity zero-day bug in the V8 JavaScript engine of Chrome that has been actively exploited, the sixth Chrome zero-day ...

Google pushed an emergency patch on Monday for a high-severity Chrome bug that attackers have already found and exploited in the wild.… The vulnerability, tracked as CVE-2025-13223, is a type ...

Oracle重启Java的Detroit项目，旨在实现Java与Python、JavaScript的联合使用。该项目将基于Chrome V8引擎实现JavaScript支持，基于CPython实现Python支持。项目目标包括提供javax.script API实现、改善应用安全性、简化对其他语言AI库的访问，以及充分利用V8和CPython运行时的兼容性。Detroit计划成为OpenJDK社区 ...

The vulnerability in the Chrome V8 JavaScript engine is rated as high severity and was discovered by Google’s Threat Analysis Group. The Google Chrome team issued an update to fix a high-severity ...

Google has issued an emergency patch to address a high-severity, zero-day exploit targeting the desktop version of its Chrome browser. The vulnerability, dubbed CVE-2025-13223, "exists in the wild," ...